Congress presses Secret Service for info on state-sponsored foreign hackers stealing Covid relief funds

[ad_1]

During a House Oversight Committee hearing on Wednesday, members of Congress from both parties pressed the Secret Service for more information about foreign state-sponsored hackers stealing Covid relief funds, citing exclusive reporting from NBC News on fraud by hackers linked to the Chinese government.

In December, NBC News broke the story that a hacking group called APT41 linked to the Chinese government stole at least $20 million in U.S. Covid relief benefits, including Small Business Administration loans and unemployment insurance funds in over a dozen states, according to the Secret Service.

On Wednesday, Rep. Raja Krishnamoorthi, D-Ill, pushed witness David Smith, the assistant director of the Office of Investigations at the Secret Service, to reveal the full extent of cyber attacks by such groups on state computer systems. “Since that article came out, I got to believe that they’ve probably targeted a lot of states beyond a dozen,” said Krishnamoorthi.

Smith declined to elaborate, and also demurred when Krishnamoorthi asked if any Russian state-sponsored hacking groups had stolen funds.

“Whether or not an entity is state sponsored or not, is generally not why we tend to focus on them, we follow money,” said Smith.

North Dakota Republican Kelly Armstrong also referred to the NBC News report and asked Smith, “When do you think the Secret Service expects to have resolution on if the hackers acted on their own accord or by government direction?”

Smith answered, “Sir, sometimes in the context of a criminal investigation those answers never get reconciled.”

Asked for information about progress in the APT41 case, Smith said, “That case is a large, very broad case out of our Denver field office. And it will be unpacking that for some time, sir.”

The theft of taxpayer funds by the Chengdu-based hackers APT41 is the first instance of pandemic fraud tied to foreign, state-sponsored cybercriminals that the U.S. government has acknowledged publicly, but may be the tip of the iceberg, according to U.S. law enforcement officials and cybersecurity experts.

In an interview on the eve of the hearing, the new chair of the committee, Rep. James Comer, R-Ky., called the theft of pandemic funds intended for taxpayers by a foreign adversary “a national security issue”.

“It’s one thing for American criminals to steal that money. But when we find out, it’s our criminals in China and Russia, and some other countries around the world that are adversarial to us, it makes it even worse, you pour salt in the wound,” Comer said. “This could be the largest transfer of wealth from the government to cyber attackers in American history.”

Comer told NBC News he has started a subcommittee on cybersecurity to explore options to reinforce the government’s defenses in hopes of preventing similar incursions into state and federal computer systems.

The day after NBC published its initial story in December, the state of Maryland banned the use of TikTok and other Chinese and Russian products by state agencies, citing NBC News’ reporting about hackers linked to the Chinese government stealing millions in Covid benefits from state governments in the U.S.

In announcing the emergency directive, the state said the entities “present an unacceptable level of cybersecurity risk to the state, and may be involved in activities such as cyber-espionage, surveillance of government entities, and inappropriate collection of sensitive personal information.”

Grace Jaworski contributed.



[ad_2]

Source link